Gahaa!!! Finally back home, after 7 fucking hours of sitting in busses and trains!

BUT I GOT MY NEXUS 6P!! Yoo-hoo!!! :D

And I've got a nice story about it.

So when I bought it, the guy selling it to me was a nontechnical type (I think?) whose wife was the previous owner. So I thought to myself, cool a nontechnical user used it.. probably no hardware mods or anything to worry about. Apparently they even factory reset it for me :)

Now, when I left to go back home, I of course immediately booted up the thing and did the whole doodad of logging into it, setting up the device etc.

Then it struck me. When I booted up the device and wanted to log in, there was a lock from Google that required me to first authenticate as either a previous account of the device, or their unlock pattern. So I figured, eh fuck it, I'll just flash some AOSP without GApps or send the owner an email asking what the previous pattern is.

But I still had to wait 30 minutes at the bus stop so I thought to myself.. previous owner was a nontechnical woman.. maybe I could crack it. No way to know if I don't try. So I started putting in random unlock patterns.

3 attempts later - I shit you not! - pattern accepted.
Do you want to add this account?

Oh boy Google, of course I do! Thanks for letting me in pal!

3 fucking attempts. That's all it took to crack the unlock pattern of an unknown person. 😎

Received a urgent email from a business client saying that the application we support is completely broken. Their staff said they used the app to send several submissions that day but they did not come through. This is a major issue as these submissions need to occur daily.

I understand that this is a priority so I immediately check everything. I test the app, the server, check the database. Everything seems fine, but there's no record of these submissions. Maybe it's the specific device that was used. I reply saying that everything seems to be in order. Can I please be provided with more information about what occurred? What time were the submissions sent?

Client replies saying that the submissions were definitely sent and that the staff swear by it.

I now know something is up, so I remote into the the devices in question and check the logs. The app was not even used that day! I've got them! Those liars!

I am now quite pissed off, but remain professional and reply saying that we log all app events and that the logs show that the app had not been used at all that day. Now they have to own up to their lie. Right?

Wrong. Client replies with: The issue has been fixed. Thanks.

Can you believe the bloody nerve? The client doesn't even have the decency to apologise but rather insinuates that it was all our fault.

Well I'm not having that. I reply: It is great that the app is functioning correctly. However, I believe it is important to understand the cause of the issue as to prevent it from occuring again.

Client: No reply.

Well, if you want to waste other people's time, here's the fat bill.

Moral of the story. Don't trust anything that the client says and for any issue, debug the user before doing anything else.

The gym I go to has an app for user's to scan a QR code when they arrive and it has multiple HUGE issues.

This app shows the credit card info used for the direct debit without anything being redacted.

When the gym is signing up someone they give them a password so they can login, not too bad except the password is always the person's first name with the first letter capitalised.

This gets worse when you figure out that their is no way to change the password given to you AT ALL.

And just to top it all off, when you click the "Forgot Password" link on the login screen, the app just sends you an email with your password (your first name) in plain text.

The app also doesn't log you out or notify you if your login is used on a different device.

So I have tested this with 2 of my friends that go to the same gym and, with only knowing their email and first name (which I could have gotten from their email if I didn't know them), I can get into their app and see their credit card info without them being any the wiser.

@netikras since when does proprietary mean bad?

Lemme tell you 3 stories.

CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.

Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!

Can be easily resolved by using opensource VPN client -- openconnect

CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted

OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.

SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in

umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.

Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.

Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.

I've recently received another invitation to Google's Foobar challenges.

A while ago someone here on devRant (which I believe works at Google, and whose support I deeply appreciate) sent me a couple of links to it too. Unfortunately back then I didn't take the time to learn the programming languages (Python or Java) that Google requires for these challenges. This time I'm putting everything on Python, as it's the easiest language to learn when coming from Bash.

But at the end of the day.. I am a sysadmin, not a developer. I don't know a single thing about either of these languages. Yet I can't take these challenges as the sysadmin I am. Instead, I have to learn a new language which chances are I'll never need again outside of some HR dickhead's interview with lateral thinking questions and whiteboard programming, probably prohibited from using Google search like every sane programmer and/or sysadmin would for practical challenges that actually occur in real life.

I don't want to do that. Google is a once in a lifetime opportunity, I get that. Many people would probably even steal that foobar link from me if they could. But I don't think that for me it's the right thing to do. Google has made a serious difference by actually challenging developers with practical scenarios, and that's vastly superior to whatever a HR person at any other company could cobble together for an interview. But there's one thing that they don't seem to realize. A company like Google consists of more than just developers. Not only that, it probably consists - even within their developer circles - of more than just Python and Java developers. If any company would know about languages that are more optimized such as C, it would be Google that has to leverage this performance in order to be able to deliver their services.

I'll be frank here. Foobar has its own issues that I don't like. But if Google were a nice company, I'd go for it all the way nonetheless - after all, they are arguably the single biggest tech company in the world, and the tech industry itself is one of the biggest ones in the world nowadays. It's safe to say that there's likely no opportunity like working at Google. But I don't think it's the right thing. Even if I did know Python or Java... Even if I did. I don't like Google's business decisions.

I've recently flashed my OnePlus 6T with LineageOS. It's now completely Google-free, except for a stock Yalp account (that I'm too afraid to replace with my actual Google account because oh dear, third-party app stores, oh dear that could damage our business and has to be made highly illegal!1!). My contacts on that phone are are all gone. They're all stored on a Google server somewhere (except for some like @linuxxx' that I consciously stored on device storage and thus lost a while back), waiting for me to log back in and sync them back. I've never asked for this. If Google explicitly told me that they'd sync all my contacts to my Google account and offer feasible alternatives, I'd probably given more priority to building a CalDAV and CardDAV server of my own. Because I do have the skills and desire to maintain that myself. I don't want Google to do this for me.

Move fast and break things. I've even got a special Termux script on my home screen, aptly named Unfuck-Google-Play. Every other day I have to use it. Google Search. When I open it on my Nexus 6P, which was Google's foray into hardware and in which they failed quite spectacularly - I've even almost bent and killed it tonight, after cursing at that piece of shit every goddamn day - the Google app opens, I type some text into it.. and then it just jumps back to the beginning of whatever I was typing. A preloader of sorts. The app is a fucking web page parser, or heck probably even just an API parser. How does that in any way justify such shitty preloaders? How does that in any way justify such crappy performance on anything but the most recent flagships? I could go on about this all day... I used to run modern Linux on a 15 year old laptop, smoothly. So don't you Google tell me that a - probably trillion dollar - company can't do that shit right. When there's (commercialized) community projects like DuckDuckGo that do things a million times better than you do - yet they can't compete with you due to your shit being preloaded on every phone and tablet and impossible to remove without rooting - that you Google can't do that and a lot more. You've got fucking Google Assistant for fucks sake! Yet you can't make a decent search app - the goddamn thing that your company started with in the first place!?

I'm sorry. I'd love to work at Google and taste the diversity that this company has to offer. But there's *a lot* wrong with it at the business end too. That is something that - in that state - I don't think I want to contribute to, despite it being pretty much a lottery ticket that I've been fortunate enough to draw twice.

Maybe I should just start my own company.

Me - Wants to transfer chat history.

App: "Log in to the new device and scan this QR Code to start transfer."

Me - Logs in on new device.

App: "Oh, a new device logged in? Let's log you out from your old device. It's not like this feature you are trying to use specifically requires 2 devices to be logged on at the same time while I literally don't allow multiple devices to be logged on at the same time. You're welcome."

LabVIEW.

Because WHY THE ACTUAL FUCK should you want to use a visual programming language in a professional environment and pay for it.

(Other than: the manufacturer of your measurement device/power supply/electronic load/etc. has already provided a LabVIEW module so you just have, you know, 'click' your program together and be done.

No, we won't give you the documentation on how to do it properly without that piece of crap or even give you code snippets.

(If you don't feel the urge to shoot yourself in the foot, you have obviously too much time on your hands and could simply be reading the interface definitions for that particular interface. At least it's standardized, d'uh.)

Oh, and you want a lightweight application? Here comes the runtime environment! A big clunky ... thing you'll need now to start up even a simple measure-and-log-data-thing.

Well, OK, it works for the occasional Measure-and-Log-Thing. If you don't need the data too fast.

If you want to do something a bit more complex, knock yourself out, but don't ask me to debug it for you afterwards because that colourful entanglement of wires and connections and blocks is a DAMN HUGE MESS and trying to understand how it works feels like defusing a bomb in a shitty action movie.)

Never again.

Why me. Why is it always me who has issues with Windows. (The OS)

I HAVE to use windows for a specific thing right now. Fair enough, I have an old system lying around somewhere with not the best specs ever but it'll do. Windows 7, clean install.

Firstly, let's boot up! Booting goes fine, login goes well... "Installing device drivers" (keyboard and mouse combi). I connected this set a gazillion times before so no clue why windows would need to download the drivers YER AGAIN. But, fine, it works.
Let's connect a USB webcam and to to the hardware testing website to see if my setup is right!

(I mostly don't blame this part on windows)

The webcam drivers install successfully, good. Although the page says it isn't working, it displays the live cam footage well so whatever.
Installed Chrome (not chromium too badly) to see if it shows fine there but chrome doesn't detect ANY cam/mic combination at all, not even the integrated one(s).

Annoying so let's reboot and see if it works normally with all checks okay on Firefox.

Rebooted.... aaaaand the USB webcam driver installation fails. I'm weirded out since the drivers were installed BEFORE the reboot already. Firefox now does not display any can/mic.... until it does after a few reloads. Windows is still saying that the driver installation failed.

The testing webpage, however, still says its not working while I'm literally seeing my ugly smug on screen. I contact support which does a remote check and says all is good but there was probably "a glitch with Windows" while the checks are still mostly red, I take a copy of the chat log just to be sure.

Now, I kinda want to shut this system down until the time I'll need it but I'm rather afraid that Windows is going to throw driver conundrums yet again and I simply *CANNOT* have this right now. So, I'm leaving this system on until I need it, and I'll pray windows plays along well.

APPLE IM GONNA BURN YOU WITH GASOLINE.

So i want to send my build to app store, from my iphone.

I want to log into iTunesConnect.

"It just works"

Yeah, right. Login page for itunesconnect does not render correctly on Safari web browser, on iphone, login arrow is not visible, and elements are scattered around.

Grrrrrrr.

On Google Chrome, it looks okay!!!!!!!!!!!
Spartaaaaaaaaaa.

After some tapping on screen, and rotating the device, i somehow found invisible arrow and managed to sign in.

BUT. Once inside i was unable to complete the process because UI refuses to scroll down :(

The pain...

In fact I'm a sinful dev, so that I can't easily decide which one is worst. From indenting with tabs, or using nano instead of vim/emacs, to hardcoding database credentials on server, to many hacks and workarounds I use as actual "fixes" when the deadline is upon me and I've tried all I could. But it always led only to my own regret. For instance, my latest sin was that I prefered Debian over Arch and used proprietary graphic drivers to speed up my new setup. But ended up with a curse from St. Ignucius. (check my last rant)

But my worst sin probably goes to when I was "printf-debugging" some issue for a GSM controller on a raspberry pi. I forgot to remove one little print line and deployed the new "fixed" version. I didn't follow that project after that for like a month or so, when the client posted back the device and said that "it just doesn't work anymore". It seemed that raspbian didn't boot beacause the sd card was curroptted. I dd'ed through the card and I noticed that there are billions of lines of "DEBUG:: reading stream from 192.some.shitty.ip", took almost all over the 32G sdcard. Just as I suddenly remembered the cursed line I just added a month ago, I declared the sd card dead with no hesitation, dunce-commented the line (so the history would remember), implemented a time out for the thread containing it, setup a journald unit for my service and removed the redirection of process output to a log file, found a new sd card and installed everything again, and finally posted back the new "fix" to the client.

Moral: Never comfort yourself for the sins you have commited in the past kids, they certainly will come back to you. And also not to do any io especially write to a file on an SD card with ext fs, in a potentially infinite loop with no timeout.

P.S: I'd posted my last rant just before the new week rant last nigh. I really liked the St. Ignucius meme so decided to create a new one. He's very adorable :)

There's a lotta memes about Google spazzing out whenever you log into a new device, but Fitbit is even worse lol

I not only get a notification that my Fitbit's battery is low, I also get a fucking email about it.

Like y'all chill out. I know it's low.

I'm sure this can be disabled somewhere, but I'mma probably get a new watch soon so I'm too lazy to deal with it

>Installed a new graphics card (thanks santa <3)
>Boots into Ubuntu
>Try to SSH. No route to device.
>Log in locally. "Failed to start raise network interfaces"
>ok.
>find out that installing graphics card renamed enp2s0 to enp3s0.
>ok.

TL;DR: Google asked me to PROVIDE a phone number to verify connection from a new device, on the said device.

Yesterdayto log into my work Google account from my personal laptop to check emails, calendars update and so on. I opened up a private navigation window, went to Google sign-in page, entered my credentials, all is well.

Google then decided to "verify it's me" and prompted me to PROVIDE a phone number (work account without work phone means no phone number set up) so that they can send a verification code to the number I just provided to make sure the connection is legit.

Didn't want to do that, clicked "use another method" and got asked to fill the last password I remember, which would be my current password thanks to my trusty password manager. After submitting, I'm prompted with an error saying I have to contact my admin to reset my password because they can't log me in with my CURRENT password.

I ain't gonna do that, so went back to login page, provided my phone number, got the code, filled in the code, next thing I know I'm browsing through my emails.

What the duck? Could have been anybody giving any phone number. So much for extra security.

Also don't care that they have my phone number, the issue is more about the way used to obtain it: locking me out of my account and having no other way of logging in.

RANT:
Google is just a steaming pile of shit!!

I've recently installed LineageOS onto my phone and wanted to degooglify my life.

So my current Smartphone doesn't have any GApps installed and I get along fairly well.

Should I need anything, I should just be able to use it in my browser right?
RIGHT?

Nono!! As soon as I want to log into a third party Service using Google (older acccounts with the other choice only being Facebook) I need to "verify my identity". And the only option are my old smartphone who still have Gapps on it but are slow and don't accessible when I'm away!

For those who say: "Google is just beeing secure. They don't want anyone to steal your account.". I USE 2FA AND HAVE BACKUP CODES.
BEFORE DEGOOGLING MY DEVICE IT NEVER ASKED SUCH A THING!!! WHAT A PILE OF SPYING SHIT!!!

And the best part, after I remotely started my PC at home and just want to take a screenshot of the message for this post before just using a working session, the message didn't appear.
Somehow google decided that me logging in 15 mins later (same ip) proves my identity?!?!?!

IF THIS CAN BE ATTRIBUTED TO AI. FUCK THIS SHIT. GOOGLED SHOULD BE TREATED LIKE AN ONLINE CASINO BECAUSE THE CHANCE OF JUST GETTING LOGGED SEEMS COMPLETELY RANDOM!!!

(I also had this prior when using my smartphone browser. There I couldn't "circumvent" this and I was at home. But having this shit on my browser which should've a session is unacceptable.)

!dev but tech related...

Got a device configured in a location that is fairly far away from me. It operates only through a cloud service specifically for these devices, with one of the most unreliable web interfaces and smartphone apps I have ever used.

I email my issues to the tech support who don't seem to understand the problems and can't fathom the difference between "reset settings" and "restart device".

Eventually they need to log in to my account to find out whats wrong. I explicitly state that under no circumstances should any settings be changed.

Today I find that the device has been removed from the cloud account. I physically must be near it to register it on the account again. Tech support don't seem to know what happened and the best explanation is that it is "a glitch". They have no way to add it back themselves. I have to travel to the device.

Funny how this happened after I let them access the account...

-Rant-
How do you (not) secure your Rest based web service?
1. Chain it to shady organic authentication system built by a hoard of monkeys high on Tequila.
2. have secret keys that get copy pasted into config flat files, and index them on your code search engine.
3. make the onboarding extremely platform specific that you need 500 environment variables, 50 scripts, 5 fancy device presses and a tap dance to make a GET call to the service.
4. fish through 500 rotating log files that the authentication system generates for each API call made.
5. Leave traces all over the host so if you have to start over, you should sudo rm -rf / and set fire to your computer.

Package Installer on android needs to show something other than just the progress bar. Even a basic log like windows installers that say, "copying this, extracting this, done..." If it affects the minimalism of the interface, they could try doing what Tor browser does- swipe to see a log. It just feels heartbreaking to wait 5 long minutes for it to process on this tortoise device, and then get, "app not installed." with an OK button. :( Like, whyyyy? There should be a "THAT'S NOT OK" button.

Is there any magisk module for this? Or some other tweak?

Updated to iOS 12.1.2 (sleazy release 2) after previously getting fucked up the ass by iOS 12.1.2 first release. Yes boys and girls, they tried to cover up their latest fuckup by re-releasing the same release with a modification.

The first time I updated, it knocks my Apple ID out on all my Apple devices when I upgrade my iPhone to 12.1.2. Mother fuckers... gotta log back in for every device, iPads, iPhones, Apple TVs, Macs. And for each service iTunes Store, Messages, FaceTime on each device supporting. Oh yea, it knocks out my Wi-Fi calling and I have to reestablish that too. Then to really ice me, it knocks out my HomeKit system as the Apple ID is knocked out on the Apple TV.

Now after updating just my iPhone to the second 12.1.2 "sleaze release", the thing knocks all my devices out again.

Apple has taken away that which I loved; impeccable engineering and design that could be used as the model for an entire industry. The industry guru. (teacher, leader) Apple has become the new Microsoft.

October 5, 2011, the day Apple died.

FUCKING DEVICE LOG IN XAMARIN
YOU JUST DONT WORK YOU FUCKING FUCK

Worst support experience so far: German ISP sent their cheap default router which I opted for, hoping that I didn't need to rent a costly FitzBox. Provider activates the connection, everything fine, but slow and unstable on my Linux laptop only. Try using their website, their support chat etc. as they made it very hard to even open a support ticket. I gather all the information, ping, traceroute, netstat, logfiles, router settings, broadband measurement etc. and finally manage to open a support ticket of my issue adn they say they will send an engineer to my place in about 4 days. I stay at home that day and wait for the whole day, nothing happens!
I get back to them, even get a phone call after waiting about 1h in the waiting queue, only to listen to someone tell me that the appointment had been cancelled as the ticket had already been closed. WTF! They said they measured my connection and could not reproduce any error. Did not even mention my lengthy log files etc. It took my own research and another hint that there is an incompatibility with that specific router and some specific devices so I should really replace their cheap router with a FritzBox device. What they also did not tell, that you dont need to rent their branded FritzBox, there are cheap second hand models from another ISP that you can reconfigure by simply chosing another ISP in a dropdown list that contains every popular German ISP. But why are they popular? You can only choose between the different bad ones, that's why they don't seem to make an effort.

You know what is THE stupidest and most fucking anoying thing ever? (And partially my fault) I recently reinstalled Ubuntu on my device, meaning I lost my SSH keys. Today I wanted to make a quick change to a website hosted on digitalocean. Now as per good practice I had disabled the root account and the only way to log in is via SSH or using their web terminal. Obviously I couldn't use SSH so I had no choice but their awful web terminal. Not only is it laggy as balls but it would keep hanging up meaning I had to close it and start again. As if that wasnt fucking frustrating enough all I wanted to do was add my new SSH so I could just use my terminal. But NO you can't fucking paste anything into their terminal! Like what the fuck? How can you not have this basic functionality in 2017???

(Question/0.5Rant)

So I am working on a mixed API (aka reachable from anywhere, but also only accessible by specific allowed devices) and I am struggling with the security of it, its not managing anything hardcore (this API is "is the coffe ready?" kind of level) or I would have just enforced per device registration for example already, but the app that goes with that API is deployed remotely and has to be "ready to go!!!" out of the box, so I can't add any registration, verifications of devices etc.

The main thing I am afraid of is, that one of those agent retards will get his spaghetti phone blasted from the inside, so all the https calls will be read out by some random attacker, which then will be able to "abuse" the API via read out api-key, is there any way for me to have a rescue plan if one of those retards does get hacked and the system then get spammed or something, like if I log all devices that use the API I could just deny access from that device (until resolved) and issue a new app update via new api key.

What's the best way of handling this and is my idea really the only way to handle this? this shitfest is really causing shit ton of ideas in my head, which then I deny literally 20 seconds later, because there's a way to bypass it or once you have the old api key to get a new one by just monitoring it etc.

Urgh... No exceptions in Rust annoys me. Now you only have the choice between "this didn't work please handle this error, thank you ^-^" and "you fool, prepare for annihilation". So basically if anything remotely serious happens your programs dead and there's nothing you can do about it. I don't get why people have this hate for exceptions. Everytime a new language gets made it's always either "ew it has exceptions" or "it's so nice it doesn't even have exceptions". NOOO! They can deal with serious situations in the best possible way and they can be statically checked (so no "but they're so complex and unpredicable" stuff please). If you can expect an exception they shouldn't be used in the first place (eventhough they are absolutely no less good than Option returntypes or whatever, just different) but in cases when it's impossible to predict an error they really shine. And not having them makes your language worse. If a device driver accesses illegal memory it should throw an exception, so instead of the computer shitting the bed, first the offending function has a chance to resolve the problem at it's root, then a few functions up the call stack, the general control functions of the device drivers can handle it and restart the operation if applicable, and even if the driver fails to handle it, the OS can jump in and restart the driver, log an error and do whatever. It's absolutely beautiful: This hierarchical ramp from near the accident site to more high level operations code ensures the error can be caught at the right level of abstraction without introduction a lot of boilerplate. If everything fails and nobody can handle it *then* the program or kernel or whatever can panic.

There's nothing quite like an app force closing for no apparent reason, and no error log info.

Just spent an hour figuring out that one of the device I test on doesn't like linking GLSL shader programs if it contains a loop even know every other devices I've tested on are totally fine with it. 😑

If I login to some account, log out, and then log in through some other account, I still get push notifications for logged out account.

It doesn't unregister device for push notifications, you need to uninstall to get rid of it.

So I follow Linus Tech Tips and set my computer's DNS server to 1.1.1.1 but the dumbass in me didn't set any backup servers.

Come Friday night, internet is not working on my computer. After a modem/router restart and it still not working, I thought it was just the internet in the house was down for a little bit (it was connecting to the router perfectly fine). The next morning I wake up and my phone's connected to WiFi and it's working, so I'm like, "great, internet's back"

Not for my laptop lol. Nothing's loading there. Since it's just this device that's having trouble, I decide to forget the network and log back in. Still not working.

I finally remembered my DNS server setting and add Google's external DNS servers to the list and now it's working.

I‘ve now my first smart home device. It is only a power outlet, but the story behind it is a bit special.
Because Apple trapped me in there ecosystem I wanted to have a HomeKit compatible outlet. The problem with that: Either to expensive or to big. So my ne mission: Connect a non HomeKit device to HomeKit, but without a too expensive proprietary gateway/bridge.
After a bit of googling I found a software called "Homebridge", build to run on a Raspberry Pi. Fortunately I had one old RasbPi 1 B. So I installed a new Raspbian and installed Homebridge. I forgot how slow it was.
Then I bought a cheap (but good) ZigBee outlet and a ZigBee USB Dongle. With a plugin for Homebridge it was very easy to connect the ZigBee Dongle.
Then I tried to connect the outlet, but the log said "Unrecognized device". After a bit of research I found out that the outlet is not supported by the homebridge-zigbee plugin. As a software engineer I tried to find a solution for it, so I reverse engineered the device recognition (very easy because Homebridge is a node application). After a while I managed to add the configuration for the outlet to the plugin.
And see, it became light.

Any iOS or Android devs here?

I have a question, that I hope you will answer:

It is possible for an app to log the users location, say every half hour, while the app is running in the background AND the screen of the device is locked?

So I've been using Duet on my iPad Pro for a couple years now (lets me use it as an external monitor via Lightning cable) and without issue. Shit, I've been quite happy with it. Then the other day, whilst hooked up to my work laptop, there was a power fluctuation that caused my laptop to stop sending power to connected devices. Which is fine - I have it plugged into a surge protector so these fluctuations shouldn't matter. After a few seconds the laptop resumed normal operation and my connected devices were up and running again.

But the iPad Pro, for some reason, went into an infinite boot loop sequence. It reboots, gets to the white Apple logo, then reboots again.

In the end, after putting the iPad into recovery mode and running Apple's update in iTunes (as they recommend), it proceeds to wipe all my data. Without warning. I lost more than a couple of years of notes, illustrations and photos. All in one fucking swoop.

To be clear, you get 2 options in iTunes when performing a device update:

1. UPDATE - will not mess with your data, will just update the OS (in this case iPadOS)
2. RESTORE - will delete everything, basically a factory reset

I clicked UPDATE. After the first attempt, it still kept bootlooping. So I did it again, I made sure I clicked UPDATE because I had not yet backed up my data. It then proceeds to do a RESTORE even though I clicked UPDATE.

Why, Apple? WHY.

After a solemn weekend lamenting my lost data, I've come a conclusion: fuck you Apple for designing very shitty software. I mean, why can't I access my device data over a cabled connection in the event I can't boot into the OS? If you need some form of authentication to keep out thieves, surely the mutltiple times you ask me to log in with my Apple ID on iTunes upon connecting the damn thing is more than sufficient?! You keep spouting that you have a secure boot chain and shit, surely it can verify a legitimate user using authenticated hardware without having to boot into the device OS?

And on the subject of backing up my data, you really only have 2 manual options here. Either (a) open iTunes, select your device, select the installed app, then selectively download the files onto my system; or (b) do a full device backup. Neither of those procedures is time-efficient nor straightforward. And if you want to do option b wirelessly, it can only be on iCloud. Which is bullshit. And you can't even access the files in the device backup - you can only get to them by restoring to your device. Even MORE bullshit.

Conversely, on my Android phone I can automate backups of individual apps, directories or files to my cloud provider of choice, or even to an external microSD card. I can schedule when the backups happen. I can access my files ANYTIME.

I got the iPad Pro because I wanted the best drawing experience, and Apple Pencil at the time was really the best you could get. But I see now it's not worth compromise of having shitty software. I mean, It's already 2021 but these dated piles of excrement that are iOS and iPadOS still act like it's 2011; they need to be seriously reviewed and re-engineered, because eventually they're going to end up as nothing but all UI fluff to hide these extremely glaring problems.

So, some data need to be prepared during the summer and the diverse departments' elected data processors got shared in a Google spreadsheet they will need to fill with some basic data IT needs. Simple, straightforward data entry, with nothing private nor confidential. Just another divide-and-conquer-style large amount of data to enter & organise, that's all.

Today, I received a new comment notification as the owner of the spreadsheet. You can imagine my surprise when I saw that, for some f*cked up reasons, one of the guys just wrote the super-admin username & pw for one of the main data systems we use in a freaking comment in the spreadsheet... WTF...
Oh, and also, juuust in case, he also wrote the pin code that is normally required to pass through the device-check when you log-in as a super-admin from an unknown device and/or location.

Fortunately I could catch it on time, but this just ruined half of my day.
I am supposedly on freaking annual leave. Ha Ha. Ha.

Do not know how to execute Roku com link activation steps? Here we explain the guidelines in detail. Select your device and connect the necessary cables. Create a Roku account, log in. Search to find the Roku activation code. Type the code navigating to the page, Roku com link